Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


Static code analysis


Verification

•Dynamic Program Analysis

•AppVerifier

•Sandbox
•Fuzz Testing
•Threat Model and Attack Surface review
•Penetration Test

Recommended tools:


Tool NameDescriptionLicense
Static analysisCoverity

This tool finds defects and security vulnerabilities in custom source code written in C, C++, Java, C#, JavaScript and more

Coverity Scan is a free static-analysis cloud-based service for the open source community

Commercial

SonarQubeSonarQube (formerly Sonar)[1] is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilitiesGNU LGPL

VeracodeVeracode provides multiple security analysis technologies on a single platform, including static analysisdynamic analysis, mobile application behavioral analysis and software composition analysis. Evaluated by AT&T

FortifyUsed by AT&T

Helix QACHelix QAC is the most accurate static code analyzer for C and C++.

CodeSonarCodeSonar performs a unified dataflow and symbolic execution analysis that examines the computation of the entire program.

MISRAMISRA and the associated tools. Should we conform with MISRA standard?
Dynamic analysisIBM Security AppScanEvaluated by AT&TCommercial

Fortify WebInspectUsed by AT&TCommercial

VeraCodeVeracode provides multiple security analysis technologies on a single platform, including static analysisdynamic analysis, mobile application behavioral analysis and software composition analysis.Commercial

angrangr is a platform-agnostic binary analysis framework. It performs
  • Disassembly and intermediate-representation lifting
  • Program instrumentation
  • Symbolic execution
  • Control-flow analysis
  • Data-dependency analysis
  • Value-set analysis (VSA)
  • Decompilation


Valgrind Valgrind tool suite provides a number of debugging and profiling tools.GPLv2

KLEEKLEE is a symbolic virtual machine built on top of the LLVM compiler infrastructure, and available under the UIUC open source license.

LLVM/Clang Sanitizers

It is a fast memory error detector. It consists of a compiler instrumentation module and a run-time library. The tool can detect the following types of bugs:



FlowDroid (Java)FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool, it could be leveraged to scan Java Bytecode.
Pen testMetasploit FrameworkThe Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.BSD

OWASP Zed Attack Proxy (ZAP)OWASP ZAP is an open-source web application security scanner. Apache

AutosploitAutoSploit attempts to automate the exploitation of remote hosts.

ArmitageArmitage is a graphical cyber attack management tool for the Metasploit.

cisco-global-exploiterCisco Global Exploiter (CGE), is an advanced, simple and fast security testing tool .

BURP suite


Postman

Browser plugin (Randy Stricklin to add details as to how to integrate with CI/CD


Fuzzing testOSS-FuzzOSS-Fuzz conducts continuous fuzzing of open source softwares.Apache

AFL

American fuzzy lop is a fuzzer that employs genetic algorithms in order to efficiently increase code coverage of the test cases.

https://github.com/mirrorer/afl

Apache
Vulnerability analysisJFrog XRayUsed by AT&T. For container, npm, RPM, and debian etc artifacts vulnerability scanCommercial

CoreOS ClairClair is an open source project for the static analysis of vulnerabilities in application containers (currently including appcand docker).Apache

CybellumCybellum V-Ray ™. Gives full component visibility and risk assessment, based on automated vulnerability detection.

GrammaTech CodeSonarSource code and binary level static analysis

ClamAVAnti-virusOpen source

NMAP

Discover hosts and services on a computer network by sending packets and analyzing the responses.Modified GPLv2

OpenVASThe OpenVAS scanner is a comprehensive vulnerability assessment system that can detect security issues in all manner of servers and network devices.

WiresharkWireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.

Nessus ProfessionalNessus helps the security pros on the front lines quickly and easily identify and fix vulnerabilities - including software flaws, missing patches, malware, and misconfigurations.

John the RipperJohn the Ripper is a free password cracking software tool.
Stress TestSlowHTTPTest

SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks by prolonging HTTP connections in different ways.

Apache

MoonGen with DPDK

Fast and flexible packet generator for 10 Gbit/s Ethernet and beyond. MoonGen uses hardware features for accurate and precise latency measurements and rate control.

MIT

Pktgen with DPDKPktgen is a traffic generator powered by Intel's DPDK at 10Gbit wire rate traffic with 64 byte frames.
Full stack test
@daniil Egranov
Platform

Root of trust. For intel & Arm @daniil Egranov

https://insights.sei.cmu.edu/sei_blog/07092018_testingtools_scanlon_figure2_2.png


...